/tmp/k3s-releases.yaml

[jampy]

Not a big issue, but the cache file name /tmp/k3s-releases.yaml appears to be hardcoded in hetzner-k3s

This could lead to problems on a machine where hetzner-k3s is used by multiple system users. Once user A used hetzner-k3s one time (creating /tmp/k3s-releases.yaml), any other system user won't be able to refresh the file since it is writeable exclusively for user A.

I did not run into any errors yet, but think that in theory this could lead into problems sooner or later, especially when user A stops running hetzner-k3s.

[vitobotta]

Hi,

The file path needs to be consistent, so hetzner-k3s can locate the cached version every time it runs. The file gets automatically refreshed by the tool if it's older than 7 days, by the way. Check out the code for details: https://github.com/vitobotta/hetzner-k3s/blob/main/src/k3s.cr#L11-L17.

If you still feel the file's location is an issue, even with the auto-refresh, where would you suggest storing it?

[jampy]

I'm not sure if I've described the problem well.

An example:

• system user foo uses hetzner-k3s to create the cluster alpha. The tool creates /tmp/k3s-releases.yaml with mode 0644 and owner foo. So far, all good.
• a few weeks/months later, the system user bar also uses hetzner-k3s to create the cluster beta. The hetzner-k3s tool tries to update /tmp/k3s-releases.yaml but fails (maybe silently, I don't know) since it has no write access to the file that's owned by foo.

My suggestion would be to use a file name that is not shared with other system users, like...

• /tmp/hetzner-k3s-{foo,bar}/k3s-releases.yaml (like mc or podman do)
• /tmp/k3s-releases-{foo,bar}.yaml
• ~/.hetzner-k3s/k3s-releases.yaml (like ssh, k3s, ...)

... you get the idea

[vitobotta]

OK, I can add the current user to the file name. Note taken.

[vitobotta]

Actually I like the last suggestion for the home directory better.